Balazs Scheidler <[EMAIL PROTECTED]> writes:
> as the new md5 hashing is added to lsh, the algorithm negotiation runs
> well, and the keyexchange begins. but after the NEWKEYS message both sides
> seem to receive garbage. as it seems the rc4 cipher is not compatible,
> which is, at least, strange:
My first guess is that key derivation (described in section 5.2 of the
"SSH transport layer protocol" specification) is broken. If you want
to investigate this, I think the first thing to do is to look at the
keys returned from kex_make_key (in lsh's keyexchange.h) and the
corresponding keys generated by the ssh code. Hmm, or perhaps it is
easier to just set a breakpoint at the rc4-setkey function in both
programs and compare.
/Niels
